The Health Information Trust Alliance (HITRUST) has partnered with Trend Micro to form the HITRUST Cyber Threat Management and Response Center which will enhance the capabilities of the HITRUST Cyber Threat Xchange.
The HITRUST Cyber Threat Xchange is the most widely adopted threat information sharing organization serving the healthcare industry. The HITRUST Cyber Threat Xchange provides detailed information on the latest cyber threats, allowing organizations to develop effective responses to the latest threats.
Organizations signed up to the HITRUST Cyber Threat Xchange receive indicators of threats and compromise rapidly, as was highlighted by the recent WannaCry ransomware attacks. HITRUST reports that it was providing detailed information on the threat two weeks before the first healthcare organization announced it was affected.
Providing threat intelligence is only part of the story. HITRUST must also make sure the information is consumable and can be used by healthcare organizations. It was apparent that in many cases, healthcare organizations were unable to effectively use the information to mitigate risk.
HITRUST has been working at improving the HITRUST Cyber Threat Xchange and over the past 18 months the alliance has identified a number of areas where the service can be enhanced and improved. Increasing the volume of information sent to healthcare organizations is one goal, but also to ensure that the information is useful to the widest possible range of organizations, regardless of their size, resources, or level of cyber maturity.
HITRUST has been increasing its collection of indicators of threat and compromise via its Enhanced IOC Collection program. That program will be expanded under the new partnership.
The HITRUST Cyber Threat Management and Response Center will see the capabilities of the HITRUST Cyber Threat Xchange enhanced. Via the partnership, HITRUIST will have access to thousands of sensors around the globe and world-wide labs specializing in multiple types of cyber research. The Center will provide details of a much greater range of vulnerabilities specific to the healthcare industry and more responsive community engagement and assistance. HITRUST will also be able to provide much better tracking and monthly reporting of healthcare-specific cyber threats.
“We have been committed to partnering with industry and government for many years to collectively improve the industry’s cyber defenses and resilience,” said HITRUST CEO Daniel Nutkis. “We see this latest development as continued validation of the private sector’s commitment and will continue to evaluate areas for improvement and taking action where appropriate.”
Mike Gibson, Trend Micro’s vice president of threat research said, “We believe our combined effort will make a positive difference in improving cyber defenses for organizations of all sizes and for our nation’s overall cybersecurity posture.”
The new HITRUST Cyber Threat Management and Response Center will be available from October 1, 2017. Access to the center is possible via a subscription